1. CrowdStrike (CRWD) -- Forrester & MITRE
a) Forrester
CrowdStrike was named 1 of 4 leaders by Forrester in the research organization’s Q1 2022 Incident Response Report. It enjoyed top marks in 9 out of 24 metrics used to score companies and also has a much smaller market presence than the other 3 leaders -- which points to a potentially longer, more lucrative comparative runway.
This arm of the company often cleans up the mistakes of competing security solutions for prospective clients by leveraging CrowdStrike’s Falcon platform as well as its forensic investigators and recovery and incident specialists. CrowdStrike’s capable threat hunting team uses the organization's AI/ML engine to automate every possible task for speeding time to remediation.
Incident response is far from CrowdStrike’s most profitable segment, but it’s a phenomenal tool for lead generation. Specifically, $1 spent on this piece of the firm fetches the cybersecurity disruptor nearly $6 in incremental revenue. This was closer to $3 when it went public. While this segment isn’t that exciting in isolation, it opens the door for CrowdStrike to sell its other products that certainly are more exciting and cash generative.
“Once the threat has been contained, the conversation usually turns to how do we stop this from ever happening again?” — CrowdStrike Director of Proactive Services Justin Wissert
Enter CrowdStrike’s “Falcon Complete” full-service platform.
Incident response also opens the organization up to aggregated client lists within cybersecurity insurance firms who frequently lean on CrowdStrike's services to clean up messes; it’s approved by 30+ cyber insurance panels which attempt to to promote coordination and communication of best practices.
“CrowdStrike is recognized across the cyber insurance industry for its ability to stop breaches. This is why many insurance carriers call on CrowdStrike when their clients fall victim to attacks.” — CrowdStrike Director of Proactive Services Justin Weissert
Its deep experience within the legal framework of cybersecurity -- as well as an understanding of when and where 3rd party counsel or IT service is needed -- equips CrowdStrike with an intimate understanding of which engagements are privileged (confidential). This is vital for expediting time to recovery. If you don’t know who is allowed to know and do what, fixing a multi-faceted breach becomes even more daunting and time-consuming. CrowdStrike has a formula for instructing companies on the path of least resistance to return to day-to-day operations.
As a side note, Forrester was not happy with me publishing the actual graphic on Twitter last week and asked me not to do so again. Still, it’s free so if you want easy access to it click here.
In light of Russia struggling to win the war in Ukraine, expectations for cyber-based retaliation in response to significant western aid for Ukraine are rising. This month, Biden explicitly told businesses at a quarterly business roundtable that it is a “patriotic obligation that you invest as much as you can in making sure you have the capacity to deal with cyberattacks.” It’s hard to think of another company within the endpoint and cloud workload niche that is better-positioned to take advantage of this durable tailwind.
CrowdStrike helps its clients actively prepare for cyberthreats via:
- Tabletop exercises -- this is essentially an interactive meeting involving the response teams from CrowdStrike and a given client. The topic of the meeting is a made-up breach based on what's most relevant to the specific firm. Together, the two teams work through needed actions and who is actually responsible for doing what.
- Red Team Exercise -- CrowdStrike uses its threat hunters to emulate an attack (that is again relevant to the given client) with the actual intention of successfully breaching an ecosystem to reveal security vulnerabilities.
- Red Team/Blue Team Exercise -- Same red team exercise but with a defense team in place to gauge progress in addressing uncovered vulnerabilities.
b) ‘MITRE Engenuity (yes, spelled that way) ATT&CK Evaluation’
MITRE’s cyber test evaluating responses to threats that mimic Russian hackers went very well for CrowdStrike. The company demonstrated a perfect prevention score across every step measurement and delivered 96% sub step visibility.
- Sub step definition: steps within each piece of the prevention process.
Furthermore, it was the only vendor to depict “native and unified Zero Trust and identity protection capabilities” all engrained in a single platform.
“Rigorous, independent testing is a vital piece of security… that’s why I’m so excited to share these results today… it’s clear that our platform continues to set the industry standard by stopping ransomware, malware and all breaches.” — CrowdStrike CTO Michael Sentonas
CrowdStrike also scheduled a new investor briefing for next week. I’m excited to tune in and share the highlights.
2. Upstart (UPST) -- Founder Interview, Credit Union, ABS Markets & CFPB
a) Upstart Leaders in Lending Podcast Interview with Co-Founder/CEO Dave Girouard
On Crypto:
“I certainly am a student of crypto and believe it could be one of the most overwhelming changes that any of us will experience depending on where it goes… Web3 is truly potentially transformative and is an area that we will be involved in over time." — Upstart Co-Founder/CEO Dave Girouard
As a reminder, last year Upstart led a $145 million Series E fundraise with Tala. Tala is a financial services company that helps 6 million members throughout mainly the developing World. The cash was specifically earmarked for “developing one of the first mass-market crypto products for emerging markets to help make crypto solutions more affordable and equitable.”
“Crypto will likely be part of every financial institution's future and we can be an ally for our partners here to ensure they’re on the right side of things as crypto plays out. When the talent moves so quickly in one direction, it’s almost inevitable that something big will come of it.” — Upstart Co-Founder/CEO Dave Girouard
On early regulator engagement:
“It became very clear to us that lending is just not a do things incorrectly and apologize later or a move fast and break things type of industry. We engaged with regulators from our inception to show that what we’re trying to do is good for everyone. In 2012 we were meeting with CFPB before we had even gotten started. We’ve taken similar approaches with the OCC, FTIC and Federal Reserve as well. It has paid off and is a constant effort... Our nothing to hide, will share anything regulator approach engendered trust over time.” — Upstart Co-Founder/CEO Dave Girouard
On auto:
“In our view, the auto market functions so poorly today that there’s a chance to build a product that leads to better outcomes for all 3 parties involved in the process (consumer, dealer, lender) simultaneously. That’s what we want to achieve -- not putting one of the stakeholders out of business, but creating wins all around. We have that opportunity." — Upstart Co-Founder/CEO Dave Girouard
b) Credit Union
Upstart deepened its partnership with Red Rocks Credit Union this week. This is another small get for the company -- Red Rocks has $360 million in assets and 16,000 members mostly in the state of Colorado -- but yet another sign of Upstart’s growing traction in the credit Industry. The two entities had begun working together late last year but it will now join Upstart’s budding referral network -- which is the loan innovator's largest revenue segment.
Since Upstart became a preferred partner for the National Associated of Federally Insured Credit Unions (NACFU) in 2021, the company has enjoyed rapid adoption among credit unions of all sizes across the nation. Considering that -- on an apples to apples basis -- a credit union lends at nearly 2X the rate of traditional banks, this growth channel will be a core company focus going forward. According to Upstart SVP of Business Development Jeff Keltner, the firm had messed up by not focusing on credit unions along with banks at the beginning of its now decade-long journey -- and it's now a priority.
c) ABS Markets
There was some chatter on Twitter that a senior tranche of an ABS transaction involving Upstart loans had to be re-priced due to tightening conditions within securitization markets. This concerned me a little, but I couldn’t find a single bit of news on the claim after hours of digging -- so I reached out to Upstart’s head of investor relations for comment. His response was short, sweet and all that I needed:
“Not true. Probably why you can’t find any info.” -- Upstart VP of IR Jason Schmidt
Still, ABS markets will tighten this year as monetary policy becomes more hawkish and so liquidity lessens. This should lead to rising delinquencies which Upstart has assumed in its 2022 guide by doing things like requiring relatively higher interest payments to compensate for the incremental risk seen in macro-land. Upstart isn’t helpless in this inevitable tightening, and had assumed it would come for the last 2 years. As a result, it expects to shift more of its origination volume this year to sources like partner retention and whole loan purchases. For partner retention specifically, that also means less 3rd parties involved to command a certain chunk of the overall profits which could make Upstart’s lofty take rate more defensible.
d) Consumer Financial Protection Bureau (CFPB)
According to American Banker, CFPB has recently been sending cases pertaining to fair lending and the Equal Credit Opportunity Act (ECOA) to banks around the nation. Issues including maternity leave, English proficiency, LGBTQ+ and Tribal Lands have been brought to bear which is leading most to assume that stricter enforcement action from CFPB could be coming.
Upstart is actually a relative beneficiary of CFPB’s tightening grip. Why? It's the only FinTech in the United States with a no action letter from CFPB guaranteeing no ECOA enforcement action -- that’s what an obsession with regulatory transparency from day 1 has led to for the firm. This letter was the culmination of things like Upstart loans being issued to protected classes at a far higher rate vs. the industry average and the more affordable debt it can offer to these protected classes. As/If CFPB becomes more demanding, compliance will become more difficult. There’s no direct Upstart competition with as intimate of an ability to aid in this compliance for its partners.
Click here for my Upstart deep dive.